Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
File: 2270e26b-c2b1-4cc3-800b-33825c0d723b.roa (raw, json)
Hash identifier: Nr4CFypRpbGg9TJSzfBkWEpbrmPgVmzAhH7JZ+6lIP8=
Subject key identifier: 2E:C3:67:33:EE:C1:3F:13:4F:6E:52:A6:98:71:5F:6E:C8:EF:6B:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6051A4613924B3F66BABF5C5552789529AE39422
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
Signing time: Tue 21 Oct 2025 14:20:09 +0000
ROA not before: Tue 21 Oct 2025 14:20:09 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d06f:b000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 21:56:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:51:a4:61:39:24:b3:f6:6b:ab:f5:c5:55:27:89:52:9a:e3:94:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 21 14:20:09 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=9e8dc4923b1e95eb5c080bb1adf712f7445b1798026c9a43b37b974585077623, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:d3:af:5c:c2:2f:41:b0:cd:ab:db:fd:c4:74:
eb:63:8c:e1:a5:26:2d:98:b1:58:2e:7d:40:a2:4b:
90:a7:9c:fd:7c:ea:32:8d:50:b8:bf:5c:93:d8:87:
33:2f:c2:6f:96:58:5e:53:39:17:df:ad:c6:c6:c3:
61:c4:81:d0:89:0f:11:c2:e1:09:62:c7:6d:af:4b:
a9:15:36:0c:60:dc:84:c0:9c:70:cb:97:07:2e:bb:
94:22:9f:ec:f8:ac:b5:51:cd:d5:17:f2:3c:fd:58:
41:68:4b:bd:b1:82:50:7f:f6:19:33:d5:40:df:23:
f0:be:92:74:63:ee:57:3f:13:43:58:85:05:77:76:
12:23:e4:be:67:40:a7:1d:c0:e7:e9:b8:67:83:61:
a6:c9:88:b6:eb:b8:17:13:66:50:df:18:c1:a4:03:
d4:50:1b:54:51:35:5e:d7:3c:ef:95:35:43:02:2a:
3a:2e:ef:ef:c9:b0:02:b6:3f:b2:5d:27:50:25:5a:
4e:61:d3:3c:b4:eb:11:45:d4:71:19:bd:cf:1a:f7:
56:d1:88:58:25:4a:e6:c2:70:06:a3:5d:a6:06:16:
03:91:51:91:27:f7:d4:f5:52:a5:4b:71:dd:0b:12:
65:bf:dd:eb:5b:c6:fb:9f:b0:70:75:fc:94:1c:e9:
9d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:C3:67:33:EE:C1:3F:13:4F:6E:52:A6:98:71:5F:6E:C8:EF:6B:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2270e26b-c2b1-4cc3-800b-33825c0d723b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d06f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:ad:e5:21:cd:0f:f8:44:13:20:61:f0:81:b2:fa:a7:44:e4:
81:ad:a9:92:d1:bc:ed:51:8a:c4:ff:a6:d1:a0:d5:81:28:5d:
a8:7e:3d:d0:e3:19:4c:09:ac:73:1a:0f:36:13:46:54:ef:68:
5a:c9:81:c8:28:fb:87:02:e9:41:9f:9b:01:c5:1f:18:1b:26:
42:60:6e:2d:fd:12:1a:87:d7:c9:4a:82:01:22:7d:b8:57:be:
63:1a:22:85:bb:7b:07:f3:00:4a:9f:20:0e:19:2f:c6:e8:87:
a7:e9:27:2e:43:a9:ac:b5:87:cb:bc:83:2c:24:6b:d2:39:31:
0f:e1:88:22:9e:8a:ce:db:35:92:fe:5d:67:de:67:a7:40:9a:
73:a5:16:7a:56:fc:b3:6e:b4:fa:5c:46:51:16:b2:90:95:14:
9c:e4:64:fe:2b:9c:f8:e9:2e:f5:a0:4a:d8:f4:11:2f:b6:20:
df:ab:b0:24:ba:fc:67:71:98:5a:cf:a3:99:77:4f:1c:2d:66:
f9:81:85:3c:d8:31:bb:ec:03:b8:e3:1d:9c:56:f5:ff:3d:0b:
ca:0f:a2:6d:2e:ed:d9:a4:02:ec:71:0c:65:5f:a1:ea:23:97:
a7:ee:ba:c4:25:58:d5:5f:77:33:e7:99:6b:b2:a2:7b:e8:94:
3a:37:59:75
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYFGkYTkks/Zrq/XFVSeJUprjlCIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMjExNDIwMDlaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQDllOGRjNDkyM2IxZTk1ZWI1YzA4MGJiMWFkZjcxMmY3NDQ1YjE3OTgwMjZj
OWE0M2IzN2I5NzQ1ODUwNzc2MjMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPTr1zCL0Gwzavb/cR062OM4aUmLZixWC59QKJLkKec/XzqMo1QuL9ck9iH
My/Cb5ZYXlM5F9+txsbDYcSB0IkPEcLhCWLHba9LqRU2DGDchMCccMuXBy67lCKf
7PistVHN1RfyPP1YQWhLvbGCUH/2GTPVQN8j8L6SdGPuVz8TQ1iFBXd2EiPkvmdA
px3A5+m4Z4NhpsmItuu4FxNmUN8YwaQD1FAbVFE1Xtc875U1QwIqOi7v78mwArY/
sl0nUCVaTmHTPLTrEUXUcRm9zxr3VtGIWCVK5sJwBqNdpgYWA5FRkSf31PVSpUtx
3QsSZb/d61vG+5+wcHX8lBzpnTcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQuw2cz
7sE/E09uUqaYcV9uyO9rGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjI3MGUyNmItYzJiMS00Y2MzLTgwMGItMzM4MjVjMGQ3MjNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0G+w
MA0GCSqGSIb3DQEBCwUAA4IBAQCereUhzQ/4RBMgYfCBsvqnROSBramS0bztUYrE
/6bRoNWBKF2ofj3Q4xlMCaxzGg82E0ZU72hayYHIKPuHAulBn5sBxR8YGyZCYG4t
/RIah9fJSoIBIn24V75jGiKFu3sH8wBKnyAOGS/G6Ien6ScuQ6mstYfLvIMsJGvS
OTEP4YginorO2zWS/l1n3menQJpzpRZ6VvyzbrT6XEZRFrKQlRSc5GT+K5z46S71
oErY9BEvtiDfq7AkuvxncZhaz6OZd08cLWb5gYU82DG77AO44x2cVvX/PQvKD6Jt
Lu3ZpALscQxlX6HqI5en7rrEJVjVX3cz55lrsqJ76JQ6N1l1
-----END CERTIFICATE-----
Generated at Tue Oct 28 04:19:33 2025 by rpki-client